Nintendo hack was twice as big as first reported

The Japanese games company has admitted that 300,000 accounts were affected by recent breach

Nintendo has updated its statement regarding a data breach targeting its users’ accounts, almost doubling the number of victims to 300,000.

In early April, the company advised Nintendo account holders to enable two-factor authentication, without explaining the cause of the recommendation.

A further statement was published two weeks later, when Nintendo announced that it would be disabling “the function to log in to a Nintendo account via NNID,” which stands for Nintendo Network ID, due to a series of attempts to illegally access user accounts.

A month prior, in March, Nintendo customers began complaining that their accounts were being charged for digital items without their permission. An investigation revealed that hackers managed to get hold of users' personal data such as the account owner’s name, email address, date of birth and their country of residence.

At the time, Nintendo estimated the number of victims to be 160,000. However, a revision of the statement now claims that almost twice as many customers have had their data accessed.

In the updated statement, the company announced: "We posted a report on unauthorized login on April 24th, but as a result of continuing the investigation after that, there were approximately 140,000 additional NNIDs that may have been accessed maliciously", raising the total number of victims to 300,000.

Nintendo added that it had “reset the passwords for these 140,000 NNIDs and the Nintendo accounts that were linked with them, and contacted the customer separately

“At the same time, we are taking additional security measures. (...) We are still in the process of refunding in each country, but we have already finished refunding for most customers," it added.

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

The company, which has reported a significant growth in sales due to the resurgence of gaming over the course of the pandemic lockdown, maintains that, despite the large number of victims, less than 1% of all Nintendo accounts were impacted by the breach. 

Today it was also announced that patients using the Babylon smartphone app to book GP appointments were inadvertently given access to videos recorded by other patients. The private healthcare company has admitted that the data breach was as a result of a software error whereby a new feature worked improperly.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Citrix buys Slack competitor Wrike in record $2.25bn deal

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
Should IT departments call time on WhatsApp?

Should IT departments call time on WhatsApp?

15 Jan 2021